3 matches found
WordPress Image Metadata Cruncher Plugin Cross Site Request Forgery (CVE-2015-1614)
A cross-site request forgery CSRF vulnerability has been reported in WordPress Image Metadata Cruncher Plugin. An attacker could exploit this vulnerability by convincing the user to follow a malicious link or visit an attacker controlled website...
CVE-2015-1614
Multiple cross-site request forgery CSRF vulnerabilities in the Image Metadata Cruncher plugin for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 imagemetadatacruncheralt or 2...
CVE-2015-1614
CVE-2015-1614 pertains to the WordPress Image Metadata Cruncher plugin, which is reported to contain CSRF vulnerabilities that allow remote attackers to hijack an administrator’s authentication and trigger stored XSS via the plugin’s image_metadata_cruncher[alt], image_metadata_cruncher[caption],...